Today, we’re incredibly excited to launch a new challenge for the Wordfence Bug Bounty Program: the WordPress Superhero Challenge! Through October 14th, we’re introducing a new active installation count range for our bounties for plugins and themes with 5,000,000+ active installations and we are tripling our current top bounties for this new range. This means that our top bounty during the challenge will be $31,200! We’re calling all leading researchers who are up for the challenge. While all WordPress vulnerability researchers are heroes in our eyes, it often takes a superhero to find a vulnerability in a plugin or theme with over 5,000,000 active installs thanks to the rigorous testing that these products endure prior to entering production. By running this challenge, we want to supercharge the amount of research going into these extremely popular products, thereby improving the security of hundreds of millions of visitors to sites with these products installed. We are also introducing a new badge for this challenge, the “WordPress Superhero” badge which will be unlocked for any researcher who submits a critical or high severity vulnerability in a plugin or theme with >= 5,000,000 Active Installs. Check it out below: To spark some inspiration, here is a list of some bounty reward possibilities during the Superhero Challenge: $31,200 for an Unauthenticated Arbitrary PHP File Upload Vulnerability (where the uploaded file can be executed) $23,400 if it requires…Read More